Slashdot Mirror
Phoenix BIOSOS?
jhfry writes "In an interesting development by an unexpected source, Phoenix Technologies is releasing a Linux-based, virtualization-enabled, BIOS-based OS for computers. They implemented a full Linux distro right on the BIOS chips, and by using integrated virtualization technology, it 'allows PCs and laptops to hot-switch between the main operating system, such as Windows, and the HyperSpace environment.' So, essentially, they are 'trying to create a new market using the ideas of a fast-booting, safe platform that people can work in, but remain outside of Windows.'"
The Paranoid Conspiracist in me says: "This is an essential step for the trusted computing platform, where a government or corporate owned rootkit could exist on your computer, with little to no ability to be replaced or removed by the owner of the machine."
So is this fundamentally different from Asus putting SplashTop on some of their netbooks and motherboards?
“Common sense is not so common.” — Voltaire
In the fourth case, the core security software grabs input and output from the network and disk to check the data for security threats. In that case, "you won't even really know you are using hyperspace," Hobbs says.
Talk about the setup for the rootkit from hell.
Hyperspace is an extremely fast booting (approx 4 seconds) Linux based mini OS. It is available in two flavors. On PCs without the Intel's VT extensions it is just a fast booting OS, but you can only dual boot it.
On PC's with VT, the bios loads a hypervisor which then boots both Hyperspace, and windows. (It may defer starting windows until hyperspace has loaded). The result is that within for seconds you can begin using the computer, doing things like browsing the web while windows. Once Windows is up, users can instantly switch back and forth.
In theory there should be little reason why other OS could not be used instead of windows, although the system may be installing special drivers in windows to help mitigate some issues.
Stylish sheet to fix many problems in Slashdot's D3: https://gist.github.com/801524
DOS was a BIOS based OS. It passed a large number of its calls directly to the BIOS. We all know how well that worked out.
That said, I would rather have a read-only, default, fallback, usable OS in the system firmware. You know, something that could be used for:
The PC is one of the few platforms where the hardware is actually useless to the end user without an installed operating system. Reflashable BIOSes further compound the problem by allowing a software command to render the hardware unbootable and unrecoverable (that is, unless you happen to have a FLASH programmer and another computer lying around...). The PC has perhaps the worst architure and implementation of any major platform, and it's about time they did something to fix that.
In fact, with the falling prices of flash, why not just flash a Linux kernel into the BIOS?
The society for a thought-free internet welcomes you.
Or this will shoot such issues down.
What about updating the kernel or compiling in new drivers? Do you have to flash the BIOS every time? Risky.
Why don't they just start to work on coreboot? The piece of code shipped currently as BIOS could be so much better. There is an excellent Google Talk about coreboot's improvements.
It's high time the old unflexible piece of crap BIOS died.
It takes a man to suffer ignorance and smile
Be yourself no matter what they say
Does this include Linux code in the BIOS itself, or only load it off disk and use it. If the former, did they publish the source?
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
People will be able to distinguish between "my computer has crashed" and "Windows has crashed" because, when Windows dies, they will be able to hot-key to the still-running BIOS OS.
That's a very nice innovation. I look forward to buying a mobo which can do this.
As a system administrator, I disagree in the strongest possible terms. I'd love to be able to have the domain clients here restricted to an authorized software list. I could let users install things they needed or wanted instead of having to do everything for them, but I could restrict the list of available code to things I'd verified were safe and wouldn't cause system issues, security problems, etc. It'd also offer significant protection against resident malware. It'd be great.
Even being able to detect when a machine had unauthorized software on it would be a huge plus.
The parent poster's point is an excellent one - often the user of the computer isn't the owner, and/or isn't the person responsible for managing and maintaining it. In these cases remote attestation becomes highly attractive.
I think you've got a skewed perspective.
I'm assuming here that you're some sort of administrator or something. Based on that assumption I offer this perspective: Your job only exists to enable them to do theirs. You're a meta-worker, they're the workers. Certainly there is some allowance for pride in your work in that it's "your" network or "your" computers, but you're really only there to enable them. Without them, you wouldn't be necessary. As long as you keep that in mind, everyone benefits.
Question everything
even mass storage devices can be a pain these days in windows (u3 tools anyone?) and xp doesn't like multiple partitions on a usb stick (had to hack the drivers to make windows think it was a hard drive to be able to access the second partition, even though both partitions were fat32).
I had most of this in the 70s. It was called the Tandy Model I, and the entire OS was on a chip. There were never any driver problems because you couldn't install drivers. It was instant on (and by instant I mean faster than the CRT/TV it was connected to).
We've come so far .... :P
Oh, and 4K of RAM ought to be enough for anybody. ;)
Put identity in the browser.
Latest example is a webcam that I pulled out of my spare parts box for a project. Windows demanded the driver disk (which I didn't have) and couldn't find anything when I told it to go searching on the web. Ubuntu recognized it immediately and the driver was already on the system... instant joy. Gave up on Windows... another reason to delete Windows on my last remaining Windows computer.
I also hear lots of stories about WiFi not working but I have installed Linux on about 15 laptops (internal and external WiFi adapters) over the past few years and WiFi has "just worked" on all of them.
I don't read your sig. Why are you reading mine?
a) A is a bogus concept. A specification amounts to an interface and really doesn't reveal much of anything about the internal workings of the hardware. With or without a specification you can bet a competitor with a multi-million dollar interest in how your hardware works will acquire that information anyway. So while selling hardware to the technically elite crowd that makes the major hardware purchase recommendations on big ticket accounts might not be a significant incentive to hardware manufacturers there really is no downside.
b) You could make that arguement except that there are no shortage of manufacturers that DO make their specs available and the result is that Linux has dramatically superior driver support for that hardware than any other operating system. Take a system with 10 year old hardware and load up ubuntu on it, everything will work out of the box. The popularity issue is self solving, if something isn't popular its because not many people use it or need it. If it was once popular but is no longer popular then the driver will have stabilized while it was.
c) I fail to see the motivation NOT to release quality specifications. Again specifications are how to communicate with the hardware, not how the hardware actually works. The only reason to misrepresent a spec is because the company is doing something shady like maladjusting drivers to give gains on gaming benchmarks at the expense of overall performance and so forth. If they really want to do this they can just release specs that say those maladjusted configurations are the optimal settings for the hardware. Problem solved. Otherwise, why wouldn't you want your hardware to perform as well as it could on a given system.
Actually since linux remains a tech heavy system, it seems to me that even hardware that is being under driven in software, perhaps to enable the sale of the same hardware at different price points would be best run at full unlocked specs in the linux driver anyway. This will give linux users a very favorable view of the hardware. While linux users may be a small percentage of the market, they are the geeks that make recommendations listened to by purchasing managers and by the early adopters who spend the real bucks.
If say, nvidia graphics cards give screaming performance on my linux box and ati cards suck and both have drivers... guess which cards I'm going to have a high opinion of and recommend to my clients?